Re: Problems with certificates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Sonntag, 20. Juni 2004 06:56 schrieb Sathish Challa: Michael, Could you let me know how do u succeed with Setup: FreeRADIUS Version 1.0.0-pre2 setup with only OpenSSL 0.9.7d I am getting segmentation fault. hi, do you have more than one version of OpenSSL on your server? Did you link radius to version 0.97? Check with ldd /usr/local/lib/rlm_eap_tls-1.0.0-pre2.so - -- Dr. Michael Schwartzkopff MultiNET Services GmbH Bretonischer Ring 7 85630 Grasbrunn Tel: (+49 89) 456 911 - 0 Fax: (+49 89) 456 911 - 21 mob: (+49 174) 343 28 75 PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFA1t5WqndXpO3Yl5sRAtTSAJ4w7ueVug0uY+I2PGXWFsli1RNDRQCgiKtp laRRm4Y03vAi4WVkDb4exjQ= =SwLP -END PGP SIGNATURE- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Problems with certificates
Michael, Could you let me know how do u succeed with Setup: FreeRADIUS Version 1.0.0-pre2 setup with only OpenSSL 0.9.7d I am getting segmentation fault. I have done workaround for this as I have installed OpenSSLs as per How-TO guide and installed free-radius pre2. And works fine for me. With that I have success with EAP/TLS and PEAP too. Thank you, Sathish, www.goremote.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Schwartzkopff Sent: Friday, June 18, 2004 5:26 PM To: [EMAIL PROTECTED] Subject: Problems with certificates -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I want to use PEAP and created the certificates with CA.all in the scripts dir. I copied the cert-srv.pem and root.pem to my config dir and configured eap.conf according. But radiusd -XA stops with the following error: tls: private_key_file = /usr/local/etc/raddb/certs/cert-srv.pem tls: certificate_file = /usr/local/etc/raddb/certs/cert-srv.pem tls: CA_file = /usr/local/etc/raddb/certs/root.pem tls: private_key_password = radius tls: dh_file = /usr/local/etc/raddb/certs/dh tls: random_file = /usr/local/etc/raddb/certs/random tls: fragment_size = 1024 tls: include_length = yes tls: check_crl = no tls: check_cert_cn = (null) 30092:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:663:Expecting: CERTIFICATE 30092:error:06065064:digital envelope routines:EVP_DecryptFinal:bad decrypt:evp_enc.c:277: 30092:error:0906A065:PEM routines:PEM_do_header:bad decrypt:pem_lib.c:452: 30092:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:missing asn1 eos:ssl_rsa.c:707: rlm_eap_tls: Error reading private key file rlm_eap: Failed to initialize type tls radiusd.conf[9]: eap: Module instantiation failed. Setup: OpenSSL 0.9.7d FreeRADIUS Version 1.0.0-pre2 Any idea what might be wrong? - -- Dr. Michael Schwartzkopff MultiNET Services GmbH Bretonischer Ring 7 85630 Grasbrunn Tel: (+49 89) 456 911 - 0 Fax: (+49 89) 456 911 - 21 mob: (+49 174) 343 28 75 PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFA0thKqndXpO3Yl5sRAnNLAJ9lEpggk1VUHdH7Vg5i+cn7qar1oACgqzG/ xeov8WFRmLNbbzRdbwokG/8= =/fAo -END PGP SIGNATURE- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Problems with certificates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I want to use PEAP and created the certificates with CA.all in the scripts dir. I copied the cert-srv.pem and root.pem to my config dir and configured eap.conf according. But radiusd -XA stops with the following error: tls: private_key_file = /usr/local/etc/raddb/certs/cert-srv.pem tls: certificate_file = /usr/local/etc/raddb/certs/cert-srv.pem tls: CA_file = /usr/local/etc/raddb/certs/root.pem tls: private_key_password = radius tls: dh_file = /usr/local/etc/raddb/certs/dh tls: random_file = /usr/local/etc/raddb/certs/random tls: fragment_size = 1024 tls: include_length = yes tls: check_crl = no tls: check_cert_cn = (null) 30092:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:663:Expecting: CERTIFICATE 30092:error:06065064:digital envelope routines:EVP_DecryptFinal:bad decrypt:evp_enc.c:277: 30092:error:0906A065:PEM routines:PEM_do_header:bad decrypt:pem_lib.c:452: 30092:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:missing asn1 eos:ssl_rsa.c:707: rlm_eap_tls: Error reading private key file rlm_eap: Failed to initialize type tls radiusd.conf[9]: eap: Module instantiation failed. Setup: OpenSSL 0.9.7d FreeRADIUS Version 1.0.0-pre2 Any idea what might be wrong? - -- Dr. Michael Schwartzkopff MultiNET Services GmbH Bretonischer Ring 7 85630 Grasbrunn Tel: (+49 89) 456 911 - 0 Fax: (+49 89) 456 911 - 21 mob: (+49 174) 343 28 75 PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFA0thKqndXpO3Yl5sRAnNLAJ9lEpggk1VUHdH7Vg5i+cn7qar1oACgqzG/ xeov8WFRmLNbbzRdbwokG/8= =/fAo -END PGP SIGNATURE- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html